# com-ledger--io.pages.dev — MALICIOUS

> com-ledger--io.pages.dev is a confirmed crypto drainer site. 18 antivirus engines flagged it. Check the full report for safety details.

## Summary
PhishDestroy identifies com-ledger--io.pages.dev as a live crypto drainer posing a high risk to cryptocurrency users. This fraudulent site attempts to trick visitors into connecting their wallets under the false pretense of a legitimate crypto ledger service, then silently drains tokens once permission is granted. Google Safe Browsing has categorized the domain under SOCIAL_ENGINEERING due to impersonation tactics targeting crypto holders, and VirusTotal confirms 18 out of 95 security vendors detect malicious activity.

This domain was flagged within hours of creation and is hosted on Cloudflare infrastructure resolving to IP 172.66.46.252. The site uses a Google Trust Services SSL certificate to appear legitimate, but its recent registration and low detection history make it particularly dangerous. Threat analysts associate this campaign with a unique seed identifier 90d3ed, linking it to ongoing campaigns that deploy fake wallet interfaces to steal digital assets.

If you visited com-ledger--io.pages.dev or entered any wallet credentials, disconnect your wallet immediately and revoke unauthorized permissions using tools like revoke.cash. Do not authorize any unexpected transactions, and scan your device with updated antivirus software. Report the domain to your wallet provider and consider transferring remaining funds to a newly created, secure wallet. Always verify URLs through official channels before interacting with crypto services.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.252

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d32c2d65-5c63-4b0f-b498-6b018b7ee829
- PhishDestroy: https://phishdestroy.io/domain/com-ledger--io.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/com-ledger--io.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/com-ledger--io.pages.dev/
Last updated: 2026-03-22